Linux Command-Line For Analysts and Operators w/ Hal Pomeranz
October 8 @ 10:30 am – October 9 @ 7:00 pm EDT
Instructor: Hal Pomeranz
Course Length: 16 Hours
Includes: Twelve months of complimentary access to the Antisyphon Cyber Range, a certificate of participation, and six months of access to class recordings.
Class Dates | Class Times |
---|---|
Tuesday, October 8th, 2024 | 8:30 AM – 5:00 PM MT |
Wednesday, October 9th, 2024 | 8:30 AM – 5:00 PM MT |
These classes are a part of Wild West Hackin’ Fest 2024. The conference occurs both virtually and in person. For more information about the conference, visit our website!
Course Description
The DevOps folks are pushing Linux, your red-team friends are doing serious damage with Linux-based tools, and the Linux users on your Incident Response team are doing mysteriously powerful things. You’re ready to see if some of the Linux magic can rub off on you, but you don’t know where to start.
This two-day course is a quick jumpstart on the Linux command-line. Start from the basics and work all the way up to command-line programming. Short learning modules and lots of practical hands-on activities will put you on the road to Linux command-line mastery. And electronic copies of everything are yours to take home, so you can continue the learning even after class is over.
Who Should Take This Course
Anybody who wants to improve their effectiveness on the Linux command line!
- Analysts who need to review data and alerts in the Linux environment
- Penetration testers and operators looking to more effectively live off the land on Linux networks
- Administrators and developers building and defending Linux application infrastructures
Audience Skill Level
- No familiarity with Linux is assumed. Experience with some command line (e.g. Windows command or PowerShell) is helpful but not necessary.
System Requirements
- A laptop with a working Linux virtual machine (or running Linux natively)
What Each Student Should Bring
A properly configured laptop and natural curiosity
What Students Will Be Provided With
Students will receive course slides in PDF form along with lab exercises which they can run on their own Linux system. This material can be downloaded from the GitHub repository halpomeranz/LinuxCmdLine ("Create lab environment for Linux Command Line course").
Syllabus
Getting Around
- The Linux file system
- cd, pwd, and ls
- Relative vs absolute pathnames
- Tab completion
- <<LAB>> Directory Jeopardy!
Basic Commands
- File manipulation (cp, mv, and rm)
- Getting to know ls
- Getting help
- Command history searching and editing
- cat and less
- Effective use of wildcards
- su and sudo
- <<LAB>> Only Seven Commands? No Worries!
Building Blocks
- The Unix/Linux command design
- Slicing and dicing (cut and awk)
- Selecting (grep)
- Sorting and collecting (sort and uniq)
- Sampling (head, tail, wc)
- <<LAB>> Learning to Linux
Output Redirection
- stdin, stdout, stderr
- Best practices
- Output splitting (tee)
- Argument substitution (“$(…)”)
- <<LAB>> Redirect This!
Loops
- The humble echo statement
- Simple wildcard loops
- Loops in pipelines
- Other argument lists
- Reading from files
- Field splitting
- <<LAB>> Get in the Loop
Conditionals
- “if … then”
- Short-circuit operations
- Test operator (“[[…]]”)
- <<LAB>> Choose Your Own Adventure
Other Iterators
- Implicit loop operations (awk, grep)
- find command
- Adding xargs
- Dealing with whitespace in file names
- <<LAB>> Find All the Things!
Regular Expressions
- Basic regular expressions
- Extended regular expression syntax
- When to use which syntax
- <<LAB>> Express Yourself
AWK, sed, and tr
- Advanced selection with awk
- Transforming strings with sed
- Easy transforms with tr
- <<LAB>> Transformers
Processes
- The different modes of ps
- Seeing network information (netstat)
- Terminating processes (kill, pkill)
- Process priority (renice)
- All hail lsof
- Best of /proc
- <<LAB>> Processing
Users, Groups, and Permissions
- Understanding users and groups
- Command interface (id, who, whoami, groups)
- File ownership
- File permissions
- With chown, chgrp, chmod, and find
- About umask
- <<LAB>> Mine, Ours, Theirs
Trainer & Author
Hal Pomeranz is an independent digital forensic investigator who has consulted on cases ranging from intellectual property theft, to employee sabotage, to organized cybercrime and malicious software infrastructures. He has spent more than thirty years providing pragmatic Information Technology and Security solutions for some of the world’s largest commercial, government, and academic institutions.